As Bitcoin grows, the biggest vulnerability (at least in my opinion) would be the intentional corruption and infiltration of the core developer team - coupled with misinformation campaigns, to adopt an architectural feature set which might cause a critical vulnerability.
While I am aware that the community can approve/reject proposals it's entirely feasible that the general population (as Bitcoin becomes more popular) may become susceptible to an attack vector.
How does the Core team insulate themselves from this and - more importantly - how does the rest of the community remain aware of this social engineering attack?
No one controls Bitcoin.
No one controls the focal point for Bitcoin development.
reply
Firstly, there is the Bitcoin Core client, which is the "reference implementation". There are other implementations/clients as well.
The Bitcoin Core client is developed to follow the Bitcoin protocol but also has features like a wallet, a GUI, etc.
So there are two facets to consider:
  • Making changes to the Bitcoin Protocol
  • Making changes to the Bitcoin Core client
There are some articles on the Bitcoin Wiki that will be of interest here:
And there's this, in the bitcoin repo:
There was also a session at Bitcoin 2020 conference that might be of interest:
Bitcoin Core Development Process - Bitcoin 2022 Conference
Then there are second layer protocols and applications -- e.g., Lightning network. Those have their own methods for developing the protocol and app/features.
While I am aware that the community can approve/reject proposals it's entirely feasible that the general population (as Bitcoin becomes more popular) may become susceptible to an attack vector.
I personally don't need to convince the developers to include or not include something in a release. They need to convince me that I want to install their release.
Otherwise, their change can do whatever, even things that might be harmful, but that doesn't affect me because I'm not running their software. However, if there's a release that is contentious, then I want to be on the side of the vast majority of the "economic nodes"; otherwise I may accept payment that I cannot then spend because my payment will not be accepted by those nodes.
So the tl;dr to your question is: Who can change bitcoin? Those who understand Incentives and Game Theory such that a Bitcoin Core release includes only changes that will be accepted by the vast majority of economic nodes.
reply
Here's an example of that combination of incentives and game theory with regard to one example -- the 21M limit:
Can Bitcoin's Hard Cap of 21 Million Be Changed? https://river.com/learn/can-bitcoins-hard-cap-of-21-million-be-changed/
(But ignore the part about miner and node signaling, that's not a hard rule and may not even be a part of the process in the future).
reply
Here's a great reply to a similar question on r/Bitcoin:
Everyone can edit Bitcoin code. Nobody can force you to use their edits.
There is no power to abuse, just trust. You should think hard about who and what you trust. (That thinking hard by many people is what prevents such abuse.)
reply
The people who care a lot about this kind of thing read BIPs a lot. BIP 119 is an example of a proposal that got a lot of heat as a result of (at the time) proposing to only ask miners to show their approval with no regard for full node operators.
User Rejected Soft Fork clients and User Activated Soft Fork clients have been proposed in the past, but abandoning core entirely was also part of the discussion. These are alternatives to Bitcoin core that don't fork the blockchain: https://bitcoin.eu/bitcoin-core-alternatives-dont-fork-blockchain/
reply
You need to change your mindset about this.
There is no official Bitcoin implementation, there are no official Bitcoin developers. Everybody runs his own software and plays by his own rules. If those rules are compatible via the Bitcoin protocol they will work together.
If one development team, e.g. from Bitcoin-core, is corrupted, the community will not approve of updates and people won't adopt the update on their own nodes.
reply
But I agree with you that the reference implementation Bitcoin-core is too dominant. Would be better if we had 3-4 big implementations.
reply
It’s lasted this long with all the attempts to shutter it, and now it’s being regulated while covertly mined by America and China 👍 Talk about a turnaround, but it will eventually be under the control of whoever has the most in possession…unfortunately.
reply